Hillary Clinton continues to deny that she did anything wrong by conducting official State Department business via a private email server. However, the State Department Inspector General concluded in a report released Wednesday that Clinton did in fact violate the Federal Records Act by deleting thousands of “personal” emails before handing the rest over to the Department for review and preservation:

While the report concludes that the agency suffers from “longstanding, systemic weaknesses” with records that “go well beyond the tenure of any one Secretary of State,” it specifically dings Clinton for her exclusive use of private email during her four years at the agency.

“Secretary Clinton should have preserved any Federal records she created and received on her personal account by printing and filing those records with the related files in the Office of the Secretary,” the report states. “At a minimum, Secretary Clinton should have surrendered all emails dealing with Department business before leaving government service and, because she did not do so, she did not comply with the Department’s policies that were implemented in accordance with the Federal Records Act.”

The report also notes that she had an “obligation to discuss using her personal email account” but did not get permission from the people who would have needed to approve the technology, who said they would not have done so, if they had been asked.

Further, the report confirms apparent hacking attempts made on the server, and details how employees who questioned the safety of the server were told to stop asking questions.